Return public key and fingerprint after generating repo signing key

2024-11-14 11:00:10 +01:00 · 2017-03-22 15:44:35 -03:00 · 2017-03-22 15:44:35 -03:00 · c9b76eb808
commit c9b76eb808
parent c484dc33be
2 changed files with 35 additions and 17 deletions
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@ -37,6 +37,7 @@ import base64
 import zipfile
 import xml.etree.ElementTree as XMLElementTree
 from binascii import hexlify
 from datetime import datetime
 from distutils.version import LooseVersion
 from queue import Queue
@ -2142,7 +2143,10 @@ def genpassword():
 def genkeystore(localconfig):
-    '''Generate a new key with random passwords and add it to new keystore'''
+    """
    Generate a new key with password provided in :param localconfig and add it to new keystore
    :return: hexed public key, public key fingerprint
    """
    logging.info('Generating a new key in "' + localconfig['keystore'] + '"...')
    keystoredir = os.path.dirname(localconfig['keystore'])
    if keystoredir is None or keystoredir == '':
@ -2165,12 +2169,35 @@ def genkeystore(localconfig):
    if p.returncode != 0:
        raise BuildException("Failed to generate key", p.output)
    os.chmod(localconfig['keystore'], 0o0600)
-    # now show the lovely key that was just generated
+    if not options.quiet:
-    p = FDroidPopen([config['keytool'], '-list', '-v',
+        # now show the lovely key that was just generated
-                     '-keystore', localconfig['keystore'],
+        p = FDroidPopen([config['keytool'], '-list', '-v',
-                     '-alias', localconfig['repo_keyalias'],
+                         '-keystore', localconfig['keystore'],
-                     '-storepass:file', config['keystorepassfile']])
+                         '-alias', localconfig['repo_keyalias'],
-    logging.info(p.output.strip() + '\n\n')
+                         '-storepass:file', config['keystorepassfile']])
        logging.info(p.output.strip() + '\n\n')
    # get the public key
    p = FDroidPopenBytes([config['keytool'], '-exportcert',
                          '-keystore', localconfig['keystore'],
                          '-alias', localconfig['repo_keyalias'],
                          '-storepass:file', config['keystorepassfile']]
                         + config['smartcardoptions'],
                         output=False, stderr_to_stdout=False)
    if p.returncode != 0 or len(p.output) < 20:
        raise BuildException("Failed to get public key", p.output)
    pubkey = p.output
    fingerprint = get_cert_fingerprint(pubkey)
    return hexlify(pubkey), fingerprint
 def get_cert_fingerprint(pubkey):
    """
    Generate a certificate fingerprint the same way keytool does it
    (but with slightly different formatting)
    """
    digest = hashlib.sha256(pubkey).digest()
    ret = [' '.join("%02X" % b for b in bytearray(digest))]
    return " ".join(ret)
 def write_to_config(thisconfig, key, value=None):
--- a/fdroidserver/update.py
+++ b/fdroidserver/update.py
@ -1107,15 +1107,6 @@ def scan_apks(apkcache, repodir, knownapks, use_date_from_apk=False):
 repo_pubkey_fingerprint = None
 # Generate a certificate fingerprint the same way keytool does it
 # (but with slightly different formatting)
 def cert_fingerprint(data):
    digest = hashlib.sha256(data).digest()
    ret = []
    ret.append(' '.join("%02X" % b for b in bytearray(digest)))
    return " ".join(ret)
 def extract_pubkey():
    global repo_pubkey_fingerprint
    if 'repo_pubkey' in config:
@ -1134,7 +1125,7 @@ def extract_pubkey():
            logging.critical(msg)
            sys.exit(1)
        pubkey = p.output
-    repo_pubkey_fingerprint = cert_fingerprint(pubkey)
+    repo_pubkey_fingerprint = common.get_cert_fingerprint(pubkey)
    return hexlify(pubkey)